Problem
Creative HTML is always sanitized and rewritten before it is returned from the auction path. Operators cannot opt out when a deployment needs the original creative markup.
Proposal
Add an operator-facing configuration option that controls creative rewriting. It should default to the current enabled behavior for backwards compatibility.
When disabled, winning creative HTML should be delivered without the creative URL-rewriting pass. Define and document whether sanitization remains mandatory or is controlled separately, with security implications made explicit.
Acceptance criteria
- A documented config option controls creative rewriting.
- The default preserves current behavior.
- The auction creative delivery path honors the option.
- Tests cover enabled (current behavior) and disabled behavior.
- Configuration and creative-processing documentation are updated.
Problem
Creative HTML is always sanitized and rewritten before it is returned from the auction path. Operators cannot opt out when a deployment needs the original creative markup.
Proposal
Add an operator-facing configuration option that controls creative rewriting. It should default to the current enabled behavior for backwards compatibility.
When disabled, winning creative HTML should be delivered without the creative URL-rewriting pass. Define and document whether sanitization remains mandatory or is controlled separately, with security implications made explicit.
Acceptance criteria